RFC 2617 ("HTTP Authentication: Basic and Digest Access Authentication") is obsolete from Julian Reschke on 2015-10-01 (ietf-http-wg@w3.org from October to December 2015)

From: Julian Reschke <julian.reschke@gmx.de>
Date: Thu, 1 Oct 2015 15:18:18 +0200
To: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <560D329A.3080906@gmx.de>

Hi there.

RFC 2617 ("HTTP Authentication: Basic and Digest Access Authentication") 
has finally been obsoleted.

It has been superseded by a document set consisting of:

RFC 7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication 
(defining the authentication framework, published last year),

RFC 7615: HTTP Authentication-Info and Proxy-Authentication-Info 
Response Header Fields (defining just two optional header fields),

RFC 7616: HTTP Digest Access Authentication, and

RFC 7617: The 'Basic' HTTP Authentication Scheme.

The two latter documents have been developed in the HTTPAUTH working group.

Best regards, Julian

PS1: We failed to make the document titles for Basic and Digest 
consistent. Sorry.

PS2: RFC 7615 is of course a candidate for inclusion into RFC 7235bis.

Received on Thursday, 1 October 2015 13:18:51 UTC